CVE-2025-60291

An issue was discovered in eTimeTrackLite Web thru 12.0 20250704. There is a permission control flaw that allows unauthorized attackers to access specific routes and modify database connection configurations...

PT-2023-15513 · Jedox · Jedox

Name of the Vulnerable Software and Affected Versions: Jedox versions 2020.2.5 Description: The issue allows remote, authenticated users with permissions to modify database connections to disclose a connection's cleartext password via the 'test connection' function in the /be/rpc.php endpoint. Th...